Battling the ethical dilemma of big data adoption

Big data is a technology that you’ll be unable to avoid, and while it has opened up new avenues for expansion and growth, it’s also brought a new list of rules and regulations you’ll need to follow to remain compliant with big data ethics.

Following the introduction of big data, the volume and variety of information you accumulate will increase. It’s down to this multiplication of facts and figures that new ethical principles have come to fruition, and these are the new focal points to beware of when creating new frameworks.

While the establishment of new ethical practices is crucial for the sector, it’s also opened up substantial grey areas associated with data collection and the new privacy laws accompanying the process, and with the continued development of these new rules, having the correct ethical code in place can keep your business one step ahead.

You may not be of the view that the ethical principles created by philosopher Immanuel Kant will have the slightest bearing on your day-to-day operations, and although his theories are focused primarily on human behaviour, they can provide a process of logical thinking when it comes to the use of big data.

Kant’s deontological theory states that a person is good or bad depending on the motivation of their actions, and his categorical imperative explains that humans should never treat others as a means to an end. This theory can also be applied during data collection.

Data privacy techniques such as minimisation promote that you should gather only the information you require, and you must have a strong reason for doing so.

To follow these principles when creating your data management strategy, you should set out the goals for your data. If you include this information in your data privacy policy, it will allow you remain ethically compliant while also protecting your data from external threats.

While collecting data, you’ll discover numerous streams that will offer substantial amounts of information. Following the digital transformation, a primary acquisition point has developed through the use of social media.

In the UK there are over 36 million active social media users, and this is forecasted to rise to 42 million by the end of 2022. But accompanying this increased activity is the knowledge that many people have of their digital identity and its value.

When it comes to collecting data from social media platforms, many users have expressed concern about how their information will be shared and used. A recent survey conducted by the Department of Information Science at the University of Colorado found that 62% of people had zero knowledge that researchers used their tweets, and 61% of participants felt this to be a breach of ethical practices.

To move forward using this collection technique, it’s essential you stay on top of your data privacy practices to avoid any ethical breaches. Even the smallest error during the acquisition, collection, and storage of customer information can lead to significant issues with data.

The implementation of big data is on the rise, and it’s this introduction to business networks and infrastructure that requires a myriad of new regulations to be established, helping you to remain compliant throughout.

If your business is still behind on the installation curve, you’ll quickly realise that big data doesn’t only refer to the amount of information you accumulate. It now defines a whole host of technological aspects including algorithms, analysis, and data management.

These new rule changes have signalled a shift in the ethical practices surrounding big data, and as you begin to amass more information, you’ll discover that datasets are no longer just a list of numbers. Each data file will contain vast amounts of information acquired from mobile devices, customer transactions, and other statistical insights, all of which can offer details explaining company performance.

Datasets will also consist of large amounts of metadata; this contains every piece of information about the digital asset you’ve collected including origin, time, format. It’s these details that are crucial aspects of data analysis, as they allow you to discover the hidden trends and patterns in your data.

While this acquisition technique can be highly productive for your business, it doesn’t conform with the ethical principles of data collection and has caused some controversy, as there can be no notice of informed consent, clarity in the use of data, or retention policy made known to participants.

So if the goal of your business is to use this type of data to aid growth, then remaining compliant and following the right practices and principles should be top of the agenda when creating your data management strategy.

Big data is an asset you’ll need on side to grow successfully. To harness its full potential, your business will need to remain complaint but also have a valid reason for collecting data.

As your business begins to grow, the task to remain compliant will become increasingly difficult. But if you incorporate the five Vs of big data, it will enable you to gain increased amount of value from the data you collect.

By utilising these new techniques, it can place added strain on your business resources. However, there are ways in which you can comply with the rules and regulations without feeling the pressure.

Create a data protection policy

When collecting any data, a significant issue your business will face is ensuring the information you have acquired is used correctly, and for the right purpose. Data collection is all about gathering and measuring information to help you add the most value to your business, but you should ensure you act responsibly during this process.

Creating a data protection policy will allow you to set out the practices and principles throughout the your business. It will first ensure that the right people have access to the information, and as Ethar Alali, Chief Executive of Axelisys explains, it will also avoid the inadvertent exposure of data which can create identifiable sets of information if the information is exposed.

“Most businesses will have a data protection policy,” says Ethar. “These policies should clearly state what the data will be used for, and which data is harvested. Before any big data exercise, your business should obtain consent, and any subject can choose to have their information removed from the data source.”

This policy should also conform with data governance, as Ethar believes the two work hand in hand with one another. “Though ethics has a much broader remit than just data governance,” he adds. “It not only answers what you should store and whether you should store it, but also whether you should use it at all.”

Analyse the data you have in storage

Expanding your use of big data will lead to the generation of new information, as will the introduction of any technology associated with data collection. But just because you have an unlimited stream of data that you can store and analyse, it doesn’t mean you should always be looking for new avenues of data collection.

Performing analysis on the data you have in your data warehouse will aid the decision-making process, and help identify whether you need to create new campaigns or outreach for more information, as a careful inspection can show you currently have everything you need to make the right decisions.

Ultimately, the decisions you make that will open up business progression will come down to the actionable evidence you can provide to higher-ups. If you utilise business intelligence technology, this can offer a more in-depth analysis tool to help look at historical data, and on occasion can pick out the details you need.

But if you make the decision you need to acquire more information, setting out the intended use for the information you wish to collect in your data management strategy will ensure you only gather the data required to reach your goals.

Inform people what you’re collecting

While this process can also be categorised under data privacy, there’s also an element of ethical compliance when informing people what information you’re collecting about them. There are numerous different data collection techniques your business can utilise, including:

Website conversions

Cookies

Interviews

Questionnaires and surveys

Ethnographies

Case studies

Documents and records

Financial records

Medical records

Whichever method you choose to collect your data, providing participants with the relevant information as to which pieces of personally identifiable information you will be receiving, which data you will place in a storage facility, and how you plan to use the data should all be demonstrated in the privacy information on your website.

If you follow this process, it will allow you to provide customers with information on how their data is collected, being utilised, and if you hold data that can be seen as personally identifiable, what they wish for your business to do with that in future.

Remember your customers have the right to privacy

Before beginning any data collection process, you should make everyone in your business aware of the ethical principles surrounding right to privacy.

The impending introduction of GDPR has changed the current rules and regulations regarding data privacy. With this new legislation, any personally identifiable data you collect must be:

Processed lawfully, fairly and in a transparent manner in relation to individuals;

Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purpose or statistical purpose shall not be considered to be incompatible with the initial purpose;

adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;

accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;

kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and

processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Following these practices will provide not only a safety net for your company when it comes to data collection, but it also allows you to put the necessary measures in place to protect any of the data you collect against external threats.

When beginning any data collection process, you should have an ethically proven data protection strategy in place to prevent any issues from happening. A vital part of this strategy should be to highlight any risks that can break through the protective barriers you have in place, and the practices that you can utilise to halt a threat.

However, as your business continues to grow, the volume of data coming into your analysis systems and storage silos will increase, which will open you up to more potential hazards. To help prevent these issues from arising, we’ve listed the top principles you should put in place to protect against ethical dangers.

Data protection principles

What big data risks can occur?

Set out a legitimate purpose for the data before collection

On occasion, data can be used for another purpose which is not made clear at the time of collection

Ensure you have consent to collect and use the data

If you fail to set out a clear path for data use, then you cannot ask participants for the right consent

Is the consent obtained for a lawful purpose

Failure to establish the right consent can make the use of this data unlawful

Collect only the amount of data you need to perform the actions for in your business

FACT: Your business will accumulate more data. But collecting more than you need will lead to added security risks

How transparent is the data?

During the collection process, the amount you collect can become so large that you’re unable to track it

Security threats can attack your information

The collection of more-extensive amounts of data can open your business to wider security issues including data hacking and network shutdowns

Being held accountable for the data you collect

Compliance does not always hold when collecting so much data

Data protection should be a default process

You should have anonymity protocols in place. However if you push this process to much, you lose your use for big data

If you have the right steps in place right from the get-go in a well-thought-out strategy, then you should have the correct measures in place to prevent a breach to your data protection, which could open up further ethical issues. Choosing the right steps to implement data protection will be determined on which sector your business operates in.

For example, a business that operates in the finance sector will be at an increased risk when it comes to a data protection breach, due to the amount of personal information they’ll accrue each day.

However, with a recent study by the Ponemon Institute finding that on average it will take finance companies 98 days to spot a data breach or identify the illicit activity, keeping your protection strategy ethically compliant will keep you a step ahead of hackers.

The discovery of any new technology and its introduction into any business scenario will call for the creation of new guidelines, with the implementation of big data systems following a similar process.

To ensure you remain compliant with ethical standards when collecting data, a high priority should be educating your staff and ensuring they are made aware of new policies. Providing them with a list of what you’ve chosen to implement won’t be enough; offering the right education is a fundamental policy that your business should follow when it comes to incorporating big data ethics.

“You can implement a big data ethical policy and guidelines for your business and make sure that the relevant analysts and managers receive training so that they know where the company stands on such issues,” says Michael Blakely, Managing Consultant of Pangolin Data Protection Consultancy. “But training and guidance is only the first step. As the company builds its big data capabilities, you must ensure that it backs these up with making decisions that support these policies and discipline staff who ignore these.”

While the collection of information through big data isn’t a new concept, utilising the technology for analytical purposes is perhaps a technique you might be unfamiliar with.

As the amount of data channelling into your business increases, the velocity at which accumulation occurs will also rise. To cope with all this new information, you’ll need to implement new analytical practices, but you’ll also need to ensure that each of them is ethically proficient and ensure they won’t cause future issues.

Ensure the data is beneficial:

Compiling data for analysis is vital when it comes to big data. However, before the collection of any information, you should ensure that it will benefit all parties in the long run.

Is the source sustainable:

There is a myriad of places to gather data, but to remain ethical during the process, you should ensure whichever information you collect comes from a sustainable source.

As your data expands, it will become increasingly difficult to find the correct sample size to sustain valuable extraction. But by creating specific algorithms and statistical analysis techniques, it can help your data withstand the test of time. However, you’ll also need to ensure they also remain compliant with data protection and privacy laws.

As you grow, upholding the ethical principles of big data is not only the job of the CIO, CTO or big data team, it is a more comprehensive organisational process. Ensuring everyone in your business is familiar with the practices and principles will ensure complete compliance with ethics, as one minor slip in your protection or privacy policy could lead to disastrous consequences.

Have you recently changed your ethical frameworks or implemented new practices? Let us know in the comments below and don’t forget to sign up to the Churchill Frank blog.